Last active
May 5, 2017 00:35
-
-
Save DennisLfromGA/cd3455530cec2a5a1ef4 to your computer and use it in GitHub Desktop.
ChromeOS script to re-write the current kernel configuration to enable VT-x extensions and lsm.module locking for virtualbox/virtualization. Based on steps provided by @zwxfzzzjr on the crouton github site here - https://github.com/dnschneid/crouton/issues/675#issuecomment-40567742
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh -e | |
| C_ROOT='' | |
| C_KERNEL='' | |
| ## | |
| ## Exits the script with exit code $1, spitting out message $@ to stderr | |
| error() { | |
| local ecode="$1" | |
| shift | |
| echo "$*" 1>&2 | |
| exit "$ecode" | |
| } | |
| ## | |
| ## Ensure this script is run from a Cros shell (as chronos or superuser) | |
| if [ "x$USER" != 'xchronos' -a "x$SUDO_USER" != 'xchronos' ]; then | |
| error 1 "This script has to be run from a Cros shell (as chronos or superuser) - exiting!" | |
| fi | |
| #Following routine borrowed from @drinkcat ;) | |
| ROOTDEVICE="`rootdev -d -s`" | |
| if [ -z "$ROOTDEVICE" ]; then | |
| error 1 "Cannot find root device." | |
| fi | |
| if [ ! -b "$ROOTDEVICE" ]; then | |
| error 1 "$ROOTDEVICE is not a block device." | |
| fi | |
| # If $ROOTDEVICE ends with a number (e.g. mmcblk0), partitions are named | |
| # ${ROOTDEVICE}pX (e.g. mmcblk0p1). If not (e.g. sda), they are named | |
| # ${ROOTDEVICE}X (e.g. sda1). | |
| ROOTDEVICEPREFIX="$ROOTDEVICE" | |
| if [ "${ROOTDEVICE%[0-9]}" != "$ROOTDEVICE" ]; then | |
| ROOTDEVICEPREFIX="${ROOTDEVICE}p" | |
| fi | |
| ## | |
| ## 0.Disable verified boot : (You could do this later, but you have to do this before step 5. IT WON'T BOOT OTHERWISE!) | |
| echo "## 0.Disable verified boot" | |
| echo -n "Changing system to allow booting unsigned images: " | |
| sudo crossystem dev_boot_signed_only=0 || ( echo; error 2 "*** Couldn't disable 'verified boot'" ) | |
| echo 'crossystem dev_boot_signed_only=0' | |
| sleep 3 && echo | |
| ## | |
| ## 1.Get current root & assign current kernel | |
| echo "## 1.Get current root & assign current kernel" | |
| echo -n "Determining current kernel = " | |
| C_ROOT=`rootdev -s` | |
| if [ $C_ROOT = ${ROOTDEVICEPREFIX}3 ]; then C_KERNEL=2; else C_KERNEL=4; fi | |
| echo "$C_KERNEL" | |
| sleep 3 && echo | |
| ## | |
| ## 2.Copy the existing kernel configuration into a file | |
| echo "## 2.Copy the existing kernel configuration into a file" | |
| echo "Copying current kernel into file = kernel$C_KERNEL" | |
| sudo /usr/share/vboot/bin/make_dev_ssd.sh --save_config /tmp/x --partitions $C_KERNEL || ( echo; error 2 "*** Couldn't create kernel config file" ) | |
| sleep 3 && echo | |
| ## | |
| ## 3.Edit the config file and add 'disablevmx=off' + 'lsm.module_locking=0' to the config line | |
| echo "## 3.Edit the config file and add 'disablevmx=off' + 'lsm.module_locking=0' to the config line" | |
| if grep --color 'disablevmx=off lsm.module_locking=0' /tmp/x.$C_KERNEL ; then | |
| echo; error 255 "*** Kernel configuraiton already modified - exiting" | |
| fi | |
| echo -n "Editing /tmp/x.$C_KERNEL to append = " | |
| sudo sed -i -e 's/$/ disablevmx=off lsm.module_locking=0/' /tmp/x.$C_KERNEL || ( echo; error 2 "*** Couldn't edit kernel config file" ) | |
| echo "disablevmx=off lsm.module_locking=0" | |
| sleep 3 && echo | |
| ## | |
| ## 4.Save the current kernel configuration and reload the new one | |
| echo "## 4.Save the current kernel configuration and reload the new one" | |
| echo -n "[ press ENTER to continue - Ctrl-C to abort ] "; read DOIT | |
| echo "Reloading the kernel configuration from /tmp/x.$C_KERNEL" | |
| sudo /usr/share/vboot/bin/make_dev_ssd.sh --set_config /tmp/x --partitions $C_KERNEL || ( echo; error 2 "*** Couldn't reload kernel configuration" ) | |
| sleep 3 && echo | |
| ## | |
| ## 5.reboot, and enjoy VT-x extensions | |
| echo "## 5.reboot, and enjoy VT-x extensions" | |
| echo "All done - rebooting..." | |
| echo -n "[ press ENTER to continue - Ctrl-C to abort ] "; read DOIT | |
| sudo reboot | |
| exit |
After the latest beta update for ChromeOS, I'm also getting the "VT-x is disabled in the BIOS (VERR_VMX_MSR_VMXON_DISABLED)" in VirtualBox in trusty. I know it was working before the update. Anyone else had the same issue and have a resolution?
Same problem here, since yesterday's update I get the VT-x error -- which I've never seen before.
CrOS just updated, and suddenly I'm getting the VT-x error also, leaving my 64-bit guest in the mud. The previous CrOS updates up to this one seemed fine after I ran the scripts, but not this time. Any ideas? Thanks.
Update: Shutting down and restarting fixed it where reboots did no good at all.
Does doing this give access to /dev/kvm in crouton?
UPDATE: the answer is no... it does not :-/
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Re-written to use simplified routine suggested by @divx118 - thanx ;)
... and tweaked USER logic to actually work - again ;) ...